6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
43.0%
Package : grub2
Version : 1.98+20100804-14+squeeze2
CVE ID : CVE-2015-8370
Debian Bug : #807614
Hector Marco-Gisbert, from the Universitat Politècnica de València
Cybersecurity Team, reported a buffer overflow in grub2 when checking password
during bootup.
For Debian 6 "Squeeze", this problem has been fixed in grub2 version
1.98+20100804-14+squeeze2. We recommend you to upgrade your grub2
packages.
Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | powerpc | grub2 | < 2.02~beta2-22+deb8u1 | grub2_2.02~beta2-22+deb8u1_powerpc.deb |
Debian | 8 | kfreebsd-amd64 | grub-ieee1275-dbg | < 2.02~beta2-22+deb8u1 | grub-ieee1275-dbg_2.02~beta2-22+deb8u1_kfreebsd-amd64.deb |
Debian | 7 | i386 | grub-efi-ia32-bin | < 1.99-27+deb7u3 | grub-efi-ia32-bin_1.99-27+deb7u3_i386.deb |
Debian | 8 | kfreebsd-amd64 | grub-pc | < 2.02~beta2-22+deb8u1 | grub-pc_2.02~beta2-22+deb8u1_kfreebsd-amd64.deb |
Debian | 8 | amd64 | grub-efi-ia32-bin | < 2.02~beta2-22+deb8u1 | grub-efi-ia32-bin_2.02~beta2-22+deb8u1_amd64.deb |
Debian | 7 | kfreebsd-amd64 | grub-pc | < 1.99-27+deb7u3 | grub-pc_1.99-27+deb7u3_kfreebsd-amd64.deb |
Debian | 8 | amd64 | grub-firmware-qemu | < 2.02~beta2-22+deb8u1 | grub-firmware-qemu_2.02~beta2-22+deb8u1_amd64.deb |
Debian | 8 | amd64 | grub-linuxbios | < 2.02~beta2-22+deb8u1 | grub-linuxbios_2.02~beta2-22+deb8u1_amd64.deb |
Debian | 7 | kfreebsd-i386 | grub-linuxbios | < 1.99-27+deb7u3 | grub-linuxbios_1.99-27+deb7u3_kfreebsd-i386.deb |
Debian | 8 | i386 | grub-ieee1275 | < 2.02~beta2-22+deb8u1 | grub-ieee1275_2.02~beta2-22+deb8u1_i386.deb |